STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10964 commits 87 branches 0 tags 160 MiB
Commit graph

399 commits

Author SHA1 Message Date
Kynan Ware
bd12a06860 Switch deployment signing to OIDC authentication 2026-03-11 18:42:56 -06:00
tidy-dev
c9afc3c089 fix: add if guard to no-response job to prevent running on workflow_dispatch 
Prevents no-response from accidentally closing issues when manually
dispatching the workflow for pitch surfacing.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-03-10 11:44:55 -04:00
tidy-dev
089e461087 Add pitch surfacing workflow (monthly + manual dispatch) 2026-03-10 09:30:57 -04:00
Kynan Ware
7fa453e467 Update Go version requirement to 1.26+ 2026-03-07 10:10:01 -07:00
Kynan Ware
b18358b754 Bump golangci-lint from v2.6.0 to v2.11.0 for Go 1.26 support 
golangci-lint v2.6.0 was built with Go 1.25 and cannot lint code targeting
Go 1.26.1. Go 1.26 support was added in golangci-lint v2.9.0.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-03-06 21:24:41 -07:00
Kynan Ware
e3ac074968
Merge pull request #12760 from cli/dependabot/github_actions/goreleaser/goreleaser-action-7.0.0 
chore(deps): bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0
 2026-03-02 09:27:01 -07:00
Kynan Ware
453d89c2d4
Merge pull request #12795 from cli/dependabot/github_actions/actions/attest-build-provenance-4.1.0 
chore(deps): bump actions/attest-build-provenance from 3.2.0 to 4.1.0
 2026-03-02 09:26:34 -07:00
Kynan Ware
c2ccf29aa4
Merge pull request #12796 from cli/dependabot/github_actions/actions/download-artifact-8 
chore(deps): bump actions/download-artifact from 7 to 8
 2026-03-02 09:24:28 -07:00
dependabot[bot]
b1df464f52
chore(deps): bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 6.4.0 to 7.0.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](e435ccd777...ec59f474b9)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-02 16:03:04 +00:00
dependabot[bot]
ab399f09e1
chore(deps): bump actions/attest-build-provenance from 3.2.0 to 4.1.0 
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.2.0 to 4.1.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](96278af6ca...a2bbfa2537)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-02 16:02:34 +00:00
dependabot[bot]
6842f5bdcb
chore(deps): bump actions/download-artifact from 7 to 8 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7 to 8.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v7...v8)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-02 16:02:32 +00:00
dependabot[bot]
cc15e7e16d
chore(deps): bump actions/upload-artifact from 6 to 7 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-02 16:02:25 +00:00
William Martin
7ea88b1c4d
Bundle licenses at release time (#12625) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
 2026-02-18 17:59:27 +01:00
Kynan Ware
e90343db35 Migrate PR triage workflows to shared workflows 
Replace prauto.yml and pr-help-wanted.yml with a single
triage-pull-requests.yml that calls shared reusable workflows from
desktop/gh-cli-and-desktop-shared-workflows:

- triage-label-external-pr: labels external PRs with external,needs-triage
- triage-close-from-default-branch: closes PRs opened from trunk
- triage-pr-requirements: enforces body length + help-wanted issue linkage
- triage-close-no-help-wanted: closes PRs labeled no-help-wanted-issue
- triage-ready-for-review: removes needs-triage on ready-for-review label

Also adds a daily schedule to auto-close PRs with unmet requirements
after 7 days.

Deletes:
- prauto.yml
- pr-help-wanted.yml
- scripts/check-help-wanted.sh

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-02-17 07:57:52 -07:00
Kynan Ware
e1983ce457 Rename triage workflow to triage-discussion-label 
Rename .github/workflows/triage.yml to .github/workflows/triage-discussion-label.yml and update the workflow name from "Discussion Triage" to "Process Discuss Label" to better reflect its intent.
 2026-02-17 07:32:35 -07:00
Kynan Ware
e861681139 Pass environment as input to shared triage workflow 
The `environment` property cannot be set at the job level when using
`uses:` to call a reusable workflow. Pass it as a workflow input instead.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-02-17 07:27:01 -07:00
copilot-swe-agent[bot]
8e6cdf7059 Add missing environment and label check to triage workflow 
Co-authored-by: BagToad <47394200+BagToad@users.noreply.github.com>
 2026-02-17 14:05:39 +00:00
Kynan Ware
f1ebf6f8d9 Migrate stale workflow to shared workflow 2026-02-13 11:17:33 -07:00
Kynan Ware
a5e97b5b6c Migrate issue triage workflows to shared workflows 2026-02-12 23:32:45 -07:00
Kynan Ware
35828f44cd Add manual dispatch to bump-go workflow 
Enable manual runs of the Bump Go workflow by adding the workflow_dispatch trigger alongside the existing scheduled cron. This allows maintainers to trigger the bump process on-demand while keeping the daily 3 AM UTC schedule intact.
 2026-02-06 11:52:24 -07:00
dependabot[bot]
fdc72751a7
chore(deps): bump actions/attest-build-provenance from 3.1.0 to 3.2.0 
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](00014ed6ed...96278af6ca)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-version: 3.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-27 14:01:36 +00:00
dependabot[bot]
09e66252fd
chore(deps): bump goreleaser/goreleaser-action from 6.0.0 to 6.4.0 
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 6.0.0 to 6.4.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](286f3b13b1...e435ccd777)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-version: 6.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-23 18:22:34 +00:00
Kynan Ware
c8335e3f55
Merge pull request #12315 from cli/dependabot/github_actions/actions/upload-artifact-6 
chore(deps): bump actions/upload-artifact from 5 to 6
 2026-01-23 11:18:50 -07:00
Kynan Ware
970a1ebbc1
Merge pull request #12314 from cli/dependabot/github_actions/actions/download-artifact-7 
chore(deps): bump actions/download-artifact from 6 to 7
 2026-01-23 11:18:19 -07:00
William Martin
249de236bd
Update go-licenses for 1.25 2026-01-07 15:38:58 +00:00
Kynan Ware
1d76eae5aa
Add shell specification for temporary tag creation 2026-01-06 10:37:12 -07:00
Babak K. Shandiz
f47a230eda
ci: shorten run block 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2026-01-06 17:04:02 +00:00
Babak K. Shandiz
d02341d5a3
ci: improve step name 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2026-01-06 17:02:54 +00:00
Babak K. Shandiz
fa871ffa67
ci: tag per build job 
We need to tag the HEAD commit to make sure the right version is baked
into the built binaries.

See for more details:
- https://github.com/cli/cli/issues/12263

Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2026-01-06 16:59:08 +00:00
Kynan Ware
c9ba3793ee
Update Azure Code Signing endpoint URL 2026-01-05 13:43:55 -07:00
Kynan Ware
319567c2cf
Update Azure Code Signing client to 1.0.95 
Also updates the source URL
 2026-01-05 11:49:16 -07:00
Babak K. Shandiz
aed52d5ee1
ci: disable create storage record for artifacts 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-12-19 19:17:44 +00:00
dependabot[bot]
4f5e755c24
chore(deps): bump actions/attest-build-provenance from 3.0.0 to 3.1.0 
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](977bb373ed...00014ed6ed)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-19 19:13:50 +00:00
Babak K. Shandiz
146e886761
Merge pull request #12318 from cli/babakks/upgrade-to-goreleaser-v2 
ci: upgrade to GoReleaser `v2`
 2025-12-19 19:12:19 +00:00
Babak K. Shandiz
dd6783868b
ci: fix binary artifact dir paths used in Windows job 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-12-15 18:56:07 +00:00
Babak K. Shandiz
a777a95e9a
ci: upgrade to GoReleaser v2 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-12-15 18:44:25 +00:00
dependabot[bot]
aba49aab39
chore(deps): bump actions/upload-artifact from 5 to 6 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 14:03:27 +00:00
dependabot[bot]
58534228a9
chore(deps): bump actions/download-artifact from 6 to 7 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 14:03:19 +00:00
dependabot[bot]
67559b67a4
chore(deps): bump golangci/golangci-lint-action from 9.1.0 to 9.2.0 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 9.1.0 to 9.2.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](e7fa5ac41e...1e7e51e771)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-12 12:05:50 +00:00
dependabot[bot]
9af5c5f95c chore(deps): bump golangci/golangci-lint-action from 9.0.0 to 9.1.0 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 9.0.0 to 9.1.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](0a35821d5c...e7fa5ac41e)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:43:26 +01:00
dependabot[bot]
13d9ab631d chore(deps): bump actions/checkout from 5 to 6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:24:05 +01:00
dependabot[bot]
1a06438f91
chore(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](4afd733a84...0a35821d5c)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-13 11:57:15 +00:00
Kynan Ware
cc178cf5e4
Update .github/workflows/lint.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-07 09:31:36 -07:00
Kynan Ware
b917c4cd50 Annotate go-licenses install with version tag 
Added a comment specifying the installed go-licenses commit corresponds to v2.0.1 for clarity in the lint workflow.
 2025-11-07 09:27:40 -07:00
Kynan Ware
9eb019ae56 Integrate license checks back into lint workflow 
Reverts https://github.com/cli/cli/pull/11370
 2025-11-06 11:57:51 -07:00
Kynan Ware
c0d5f164f2
Merge pull request #12089 from cli/kw/use-source-govulncheck-scan-lint 
CI: Update lint govulncheck to use source mode
 2025-11-03 13:18:27 -07:00
Kynan Ware
52391ff0f8
Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-03 13:08:16 -07:00
Kynan Ware
b151f53d02 Add note on govulncheck source mode for Go 1.25 2025-11-03 13:05:33 -07:00
Kynan Ware
6c1d1c4f49 Update lint govulncheck to use source mode 
Replaces binary mode scan of 'bin/gh' with source mode scan of all packages using govulncheck.
 2025-11-03 12:55:13 -07:00
Babak K. Shandiz
eaddf5baf9
chore: add workflow_dispatch to govulncheck triggers 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-11-03 19:43:01 +00:00